Ftp Disable RootLogin
This topic explains how to load a modified proftpd.conf file at NAS startup to disable availability of login with root/admin account on the FTP server.
Skills required
Being able to connect to NAS via ssh (e.g use PuTTY)
Being able to edit files with vi
Prerequisites
Check the following page to create the autorun.sh script :
Running_Your_Own_Application_at_Startup
Using Method #3 is recommended to do next steps
How To
Login to your NAS via SSH and do the next steps.
Edit proftpd.conf
1. Make a copy of your proftpd.conf file :
cp /etc/config/proftpd.conf /etc/config/proftpd.conf.sec
2. Edit the copy with vi (type "i" to switch to edit mode)
vi /etc/config/proftpd.conf.sec
ServerName "ProFTPD" ServerType standalone DefaultServer on RootLogin on
On line "RootLogin" change "on" with "off" and save the file (use "esc" key and type ":wq")
ServerName "ProFTPD" ServerType standalone DefaultServer on RootLogin off
Edit autorun.sh
1. Edit your autorun.sh (path names according to Method #3 of Running Your Own Application at Startup)
vi /share/HDA_DATA/.qpkg/autorun/autorun.sh
2. Paste the following lines in vi (type "i" to switch to edit mode)
#!/bin/sh cp /etc/config/proftpd.conf.sec /etc/config/proftpd.conf /etc/init.d/ftp.sh reconfig
Then, save the file (use "esc" key and type ":wq")
Now, at each NAS startup, the FTP server will use your proftpd.conf.sec configuration file and will protect your server against root/admin logins.
If you require root/admin rights when using your FTP server, consider using another user with same rights and a strong password.